A free tool for Linux to detect NICs in promisc mode remotely

[Andrey Pastukhov <a.pastukhov () gmail com>]

Hi everyone!
I've been searching for a free program tool that allows remote detecting 
of network nodes in promiscuous mode.
Found a few ones for Win32, but I need something for running on Linux 
and, if possible, a separate tool (not a module for sniffer or etc).
So, I tried sentinel, and it seemed like it didn't work: neither -a, -d 
or -e modes failed to detect a linux box with tcpdump running (or after 
executing 'ifconfig -i eth0 promisc'). Maybe it's nothing wrong with it, 
and I do misunderstand something. But as far as i can see, sentinel uses 
well known and pretty old methods (for example, it looks like '-a' 
option turns on the one that was described in  
http://www.securityfriday.com/promiscuous_detection_01.pdf).
Anyway, I would appreciate, if  someone helped me to find a way of 
resolving this matter.
Thanks a lot!


------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
------------------------------------------------------------------------